- printf(
- " {\n"
- " .verb = \"%s\",\n"
- " .callback = %s%s%s,\n"
- " .permissions = %s,\n"
- " .session = %s%d,\n"
- " },\n"
- , verb, prefix, verb, postfix, perm, loa, l
- );
- } else {
- printf(
- "%s void %s%s%s(struct afb_req req);\n"
- , scope, prefix, verb, postfix
- );
+struct json_object *decl_perm(struct json_object *obj)
+{
+ char *a;
+ struct json_object *x, *y;
+
+ if (json_object_object_get_ex(d_perms, json_object_to_json_string_ext(obj, 0), &x))
+ return x;
+
+ if (json_object_object_get_ex(obj, "permission", &x)) {
+ asprintf(&a, ".type = afb_auth_Permission, .text = \"%s\"", json_object_get_string(x));
+ y = new_perm(obj, a);
+ free(a);
+ }
+ else if (json_object_object_get_ex(obj, "anyOf", &x)) {
+ y = decl_perm_a("Or", x);
+ }
+ else if (json_object_object_get_ex(obj, "allOf", &x)) {
+ y = decl_perm_a("And", x);
+ }
+ else if (json_object_object_get_ex(obj, "not", &x)) {
+ x = decl_perm(x);
+ asprintf(&a, ".type = afb_auth_Not, .first = %s", json_object_get_string(x));
+ y = new_perm(obj, a);
+ free(a);
+ }
+ else if (json_object_object_get_ex(obj, "LOA", &x))
+ y = NULL;
+ else if (json_object_object_get_ex(obj, "session", &x))
+ y = NULL;
+ else
+ y = NULL;
+
+ return y;
+}
+
+void declare_permissions(const char *name, struct json_object *obj)
+{
+ struct json_object *p;
+
+ p = permissions_of_verb(obj);
+ if (p)
+ decl_perm(p);
+}
+
+
+#define SESSION_CLOSE 0x000001
+#define SESSION_RENEW 0x000010
+#define SESSION_CHECK 0x000100
+#define SESSION_LOA_1 0x001000
+#define SESSION_LOA_2 0x011000
+#define SESSION_LOA_3 0x111000
+#define SESSION_MASK 0x111111
+
+
+int get_session(struct json_object *obj);
+
+int get_session_a(int and, struct json_object *obj)
+{
+ int i, n, x, y;
+
+ n = obj ? json_object_array_length(obj) : 0;
+ if (n == 0)
+ return 0;
+
+ i = n;
+ x = get_session(json_object_array_get_idx(obj, --i));
+ while (i) {
+ y = get_session(json_object_array_get_idx(obj, --i));
+ if (and)
+ x &= y;
+ else
+ x |= y;
+ }
+ return x;
+}
+
+int get_session(struct json_object *obj)
+{
+ int y;
+ const char *a;
+ struct json_object *x;
+
+ y = 0;
+ if (json_object_object_get_ex(obj, "anyOf", &x)) {
+ y = get_session_a(1, x);
+ }
+ else if (json_object_object_get_ex(obj, "allOf", &x)) {
+ y = get_session_a(0, x);
+ }
+ else if (json_object_object_get_ex(obj, "not", &x)) {
+ y = ~get_session(x) & SESSION_MASK;
+ }
+ else if (json_object_object_get_ex(obj, "LOA", &x)) {
+ switch (json_object_get_int(x)) {
+ case 3: y = SESSION_LOA_3; break;
+ case 2: y = SESSION_LOA_2; break;
+ case 1: y = SESSION_LOA_1; break;
+ default: break;